Posted
by
samzenpus
on Friday May 02, 2014 @07:08AM
from the we-did-it-our-way dept.

First time accepted submitter ElyKahn (3637855) writes "The diaspora of startups with an NSA pedigree is rapidly growing. These startups, such as Sqrrl, Virtru, and Synack, are typically security-focused and often are commercializing technology projects from the NSA. However, coming from the NSA is a dual-edged sword... the technology is world-class and cutting-edge, but they must also fight the viewpoint of some that the startups are merely a front for the NSA."

They only need one customer. Uncle Sam will throw pallets of cash at any company that says the magic words "We can help you with national security" (non-bullshit translation: "We can help you spy on your citizens and other county's citizens").

It reminds me of when the BNFL changed the name of its nuclear generating and reprocessing plant from Windscale to Sellafield [theguardian.com] to lose the association with radiation leaks, fires, etc.

Unfortunately, we're increasingly discovering that the European intelligence agencies are pretty strongly in bed with the US surveillance state, too. It's not 100% clear if the situation is quite as bad, but there is substantial evidence that the German, French, Danish, Swedish, etc. intelligence services are routinely helping each other out. There's some suspicion that they're even doing some jurisdiction-laundering through these arrangements: the NSA can spy on Germans because they're foreigners, and then shares data with German intelligence that German intelligence wouldn't be able to legally collect on their own citizens. And vice versa, e.g. Swedish intelligence has apparently been spying on Americans and sharing the info back with American intelligence.

Not sure if the situation is quite as bad here, but it's getting pretty bizarre. Apparently, British Intelligence gave (secret) advise to the Dutch intelligence services on how to circumvent legal objections to perform wiretaps, as evidenced by communication leaked by Snowden. When such practises were questioned in parliament, concern was expressed that limiting the amount of spying by Dutch intelligence services would mean that they'd have fewer data to trade with the NSA. Apparently these agencies have a tit-for-tat policy... By the way, the body that expressed that concern was not the intelligence agency, nor was it parliament, but the oversight committee that is supposed to keep an eye on intelligence agencies. Somehow, that doesn't give me a warm fuzzy feeling that my rights are assured...

It's an interesting conundrum. We can at least try to pass laws to prevent our governments from spying us, but even if we succeed we can't very well pass a law forbidding others' governments from doing what they will.

At the international level it is more of the government spying on other governments not your average citizen. And every country of note on the planet does it and the rank hypocrisy of the countries raising a fuss about a US intelligence agency performing it's functions is simply breath taking. OMG a spying agency that actually spies. Stop the fucking presses and get ready to charge the barricades. The whole NSA spying issue has been blown out of proportion when it comes to spying on individuals. There isn't

Unfortunately, we're increasingly discovering that the European intelligence agencies are pretty strongly in bed with the US surveillance state, too. It's not 100% clear if the situation is quite as bad, but there is substantial evidence that the German, French, Danish, Swedish, etc. intelligence services are routinely helping each other out. There's some suspicion that they're even doing some jurisdiction-laundering through these arrangements: the NSA can spy on Germans because they're foreigners, and then shares data with German intelligence that German intelligence wouldn't be able to legally collect on their own citizens. And vice versa, e.g. Swedish intelligence has apparently been spying on Americans and sharing the info back with American intelligence.

I would say that they are all doing it, and that the NSA probably isn't the best at it (Israel and Russia are great at it, France-Germany-UK are good at it, China does it in the open...). The only difference between the NSA and intelligence agencies elsewhere is discretion. And Snowden, of course. That was discretion 101: what not to do.

... European... agencies... in bed with the US surveillance state,... German, French, Danish, Swedish,... routinely helping each other out.

One scenario where this would make sense is if the governments of the world see the upcoming conflicts as, not between nation-states or groups of them, but between nation-states as a class and their citizens.

There's been a lot of talk about things like:
- The Internet gives people news channels that can't be so readily turned into propaganda machines for those

Every time I look at an org like this I remember, its government....they do funding in the same model as academic institutions and hospitals. They are a cash cow....but employes can't get at those teats directly, they can only influence who externally gets to suck.

Clearly the smart move is to leave, and become a service provider. Start a security focused business, start something the NSA themselves will have trouble getting into, and you provide incentive for them to buy their way

Clearly the smart move is to leave, and become a service provider. Start a security focused business, start something the NSA themselves will have trouble getting into, and you provide incentive for them to buy their way in when your security focus attracts someone they find interesting

I wasn't asking about legitimate spin-offs, I was wondering how many of them are pure crooks (;-))

When Sun still existed, it wasn't at all unexpected for a couple of people to leave to start their own business, work on something on their own nickel that Sun wasn't going to fund, and see if they'd get bought.

The Sun very-very-multithreaded chips came out of two hardware designers thinking that there was a better way to go fast than "this chip is so hot it glows in the dark". They got lots of parallel th

Government: founded by and for the people, beholden to certain truths inalienable to all mankind, servant of the public trust and keeper of the freedom. checks and balances exist in theory to crush any attempt to tread on constitutional rights.Corporations:: Facebook gmail gchat pinterest funtime! its snapchat loads of fun social social! just sign up! its free and all ur friend r here its fun! play farmville!:DFusion Center: [wikipedia.org] Warrants are hard, congress is slow, we steal your data, but you'll never know

I fear the NSA a lot less than Russian Mafia and or the others that seem to be running things like the Target break in. I feel that many people do not have their threats in line with reality. Kind of like people that live in terror of nuclear power plants and flying but drive a 1982 Volvo with no airbags, traction control, or anti-lock brakes.

OK... So i can't fear both? What can the Russian Mafia do? Steal my banking info? That is nothing compared to a surveillance state gone mad with power. If you can't see why a government might have more power than the Russian Mafia, then perhaps it's time to rethink what this data collection is and can be used for. They already admitted meta data is enough to issue a kill order, and has been done so.

coming from the NSA is a dual-edged sword... the technology is world-class and cutting-edge

There's also the human problem that more often than not, "usta work for the NSA" means "could not hack it in private sector," "buzzword compliant," or "washout."

Here at a small software company in the PNW, we've literally hired hundreds of ex-NSA and similar defense intel people. The vast majority cannot think their way out of a paper bag. Once you get past the secret squirrel BS and the kill-chain-chinese-haxxor-APT

Here at a small software company in the PNW, we've literally hired hundreds of ex-NSA and similar defense intel people. The vast majority cannot think their way out of a paper bag.... By and large, the NSA people are useless and only here to steal our soda.

You use paper bags? Everyone I know in the PNW uses reusable shopping bags.

"The backdoor allows anyone with knowledge of a secret user agent string to log in and modify settings on any router running the vulnerable software,"... "The values for the points P1 and P2 could have been chosen randomly or they could have been chosen with a deliberate relationship. If they were chosen deliberat

"The basics on backdoors in security systems" on How the NSA (may have) put a backdoor in RSA’s cryptography: A technical primer [arstechnica.com]. I thought the "pool ball" analogy was very interesting....
"The backdoor allows anyone with knowledge of a secret user agent string to log in and modify settings on any router running the vulnerable software,"... "The values for the points P1 and P2 could have been chosen randomly or they could have been chosen with a deliberate relationship. If they were chosen deliberately, there is a backdoor."
Is there any way to tell if they were chosen deliberately or not, and if not is this a possibility for any of these programs out there?

Yeah but the NSA probably doesn't want back doors to exist just as much as we do, if not more so... Think of the extremely dangerous consequences for the NSA that could happen if they DID exist or if someone from inside did know a "secret user string" and used it against them... (hint, think Snowden)